Hit-and-run DDoS
Hit-and-run DDoS is a type of denial-of-service (DDoS) attack that uses short bursts of high volume attacks in random intervals, spanning a time frame of days or weeks. The purpose of a hit-and-run DDoS is to prevent a user of a service from using that service by bringing down the host server.[1] This type of attack is to be distinguished from a persistent DDoS attack which continues until the attacker stops the attack or the host server is able to defend against it.[2]
Method of attack
A DDoS attack is characterized by an explicit attempt by attackers to prevent legitimate users of a service from using that service.[3] A hit-and-run DDoS is accomplished by using high volume network or application attacks in short bursts. The attacks only last long enough to bring down the server hosting the service, normally 20 to 60 minutes. The attack is then repeated every 12 to 24 hours over a period of days or weeks, causing issues for the company hosting the service.
Hit-and-run DDoS is sometimes used as a test DDoS attack. An attacker will inject a few bad packets into a network to test if it is online and functioning. Once the network is verified as functioning, an attacker will then use a persistent DDoS attack.[4]
Hit-and-run DDoS exploits anti-DDoS software and services which are used to defend against prolonged DDoS attacks. Activating such software can take longer than the actual attack, allowing a denial of service before DDoS protection can start to defend from the attack.
See also
References
- ↑ EC-Council (2009). Computer Forensics: Investigating Network Intrusions and Cyber Crime. Cengage Learning. ISBN 9781435483521.
- ↑ Wiles, Jack (2011). The Best Damn Cybercrime and Digital Forensics Book Period. Syngress. p. 559. ISBN 9780080556086.
- ↑ Richmond, Riva. "What 'DDoS' Attacks Are and How to Survive Them". Entrepreneur. Retrieved 28 January 2014.
- ↑ EC-Council (2009). Ethical Hacking and Countermeasures: Linux, Macintosh and Mobile Systems. Cengage Learning. ISBN 9781435483644.